Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[5] Let's get ready for Pod Security Admission #1147

Closed
Tracked by #1218
cristiklein opened this issue Aug 31, 2022 · 1 comment
Closed
Tracked by #1218

[5] Let's get ready for Pod Security Admission #1147

cristiklein opened this issue Aug 31, 2022 · 1 comment
Assignees
@robinelastisys
Labels
kind/investigation Investigating something new, should result in new issues and/or documentation

Comments

@cristiklein
Copy link
Contributor

What should be investigated.

Pod Security Policies were removed in Kubernetes 1.25 and are replaced with Pod Security Admission. I made a quick analysis and, as far as I understood, we need to make the following changes:

Please proceed as follows:

  • Install two Kubernetes 1.25 clusters.
  • While not working; adjust Helm Charts.
  • Check that the correct profile is applied to non-privileged and user namespaces. E.g., one should not be able to run a root or privileged container in the production namespace.

What artifacts should this produce.

  • An investigation report, highlighting challenges and changes needed to make Compliant Kubernetes compatible with Kubernetes 1.25.
@cristiklein cristiklein added the kind/investigation Investigating something new, should result in new issues and/or documentation label Aug 31, 2022
@raviranjanelastisys
Copy link
Contributor

Thanks !! As discussed with SM's , Will take this in CS - Q4 !!

@Xartos Xartos mentioned this issue Sep 30, 2022
Closed
19 tasks
@crssnd crssnd changed the title Let's get ready for Pod Security Admission [5] Let's get ready for Pod Security Admission Oct 21, 2022
@robinelastisys robinelastisys self-assigned this Oct 31, 2022
@robinelastisys robinelastisys mentioned this issue Nov 15, 2022
Closed
12 tasks
@crssnd crssnd closed this as completed Dec 19, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@robinelastisys robinelastisys

Labels
kind/investigation Investigating something new, should result in new issues and/or documentation
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

apps sc & wc: how to enable pod security admission elastisys/compliantkubernetes-apps
4 participants
@cristiklein @raviranjanelastisys @crssnd @robinelastisys